@R Peaks Thanks for reaching out.
I am assuming that you want to communicate between your function app and other Azure resources, limiting the inbound traffic without using the Premium tier, and want to see if a private endpoint works with any other tier.
Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your virtual network, effectively bringing the service into your virtual network. You can use Private Endpoint for your functions hosted in the Premium and App Service plans. However, if you do not want to use the Premium tier due to cost constraints, you can use service endpoints to ensure inbound traffic to your API app comes only from the subnet used by your front-end web app.
Service endpoints help to secure the API app, but you could still have data exfiltration from your front-end app to other apps in the app service. When you use private endpoints, you don't have the possibility of data exfiltration.
Here are some considerations to help you decide which method to use:
- When you use service endpoints, you only need to secure traffic to your API app to the integration subnet.
- When you use private endpoints, you have two subnets at play, which adds complexity. Also, the private endpoint is a top-level resource and adds management overhead.
In case you have any other requirements, please share more details so I can assist you. You can refer to this document for more details.
If you have any other queries, then please let me know.
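
An added example, not part of the original answer and not Microsoft's code: a check that a site's access restrictions admit only the front-end subnet, which is the service-endpoint setup the answer describes. It assumes the property names of the ARM `ipSecurityRestrictions` schema; the subscription ID, resource names and rule names are constructed placeholders, and `audit_inbound` is a hypothetical helper.

```python
# Constructed sample data: the ipSecurityRestrictions part of a site's
# siteConfig, using the property names of the ARM IpSecurityRestriction schema.
# The subscription ID and resource names are placeholders.
FRONTEND_SUBNET = (
    "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
    "/providers/Microsoft.Network/virtualNetworks/vnet-demo/subnets/snet-frontend"
)
LOCKED_DOWN = {"ipSecurityRestrictions": [
    {"name": "frontend-only", "priority": 100, "action": "Allow",
     "vnetSubnetResourceId": FRONTEND_SUBNET},
]}
WIDE_OPEN = {"ipSecurityRestrictions": [
    {"name": "Allow all", "priority": 2147483647, "action": "Allow",
     "ipAddress": "Any"},
]}


def audit_inbound(site_config, expected_subnet_id):
    """Return findings; an empty list means only the expected subnet is allowed."""
    rules = site_config.get("ipSecurityRestrictions") or []
    if not rules:
        return ["no access restrictions: inbound is open to all sources"]
    findings, subnet_allowed = [], False
    for rule in rules:
        if str(rule.get("action", "")).lower() != "allow":
            continue  # deny rules do not widen access
        name = rule.get("name", "<unnamed>")
        subnet = (rule.get("vnetSubnetResourceId") or "").lower()
        ip = (rule.get("ipAddress") or "").lower()
        # Azure resource IDs are case-insensitive, so compare lowercased.
        if subnet and subnet == expected_subnet_id.lower():
            subnet_allowed = True
        elif subnet:
            findings.append(f"rule '{name}' allows another subnet: {subnet}")
        elif ip in ("any", "0.0.0.0/0"):
            findings.append(f"rule '{name}' allows any source address")
        elif ip:
            findings.append(f"rule '{name}' allows a non-subnet source: {ip}")
    if not subnet_allowed:
        findings.append("no allow rule for the expected front-end subnet")
    return findings


if __name__ == "__main__":
    for label, cfg in (("locked down", LOCKED_DOWN), ("wide open", WIDE_OPEN)):
        print(label, "->", audit_inbound(cfg, FRONTEND_SUBNET) or "OK")
```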